Hello
In the process of testing the single sign-on extension for managed iPads, I have deployed the Authenticator app and the single sign-on profile with the following plist.
SSO is working great on all apps except Outlook; I think it has something to do with how Outlook uses SSO / the auth method it uses.
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <!-- Existing Keys -->
    <key>AppPrefixAllowList</key>
    <string>com.microsoft.,com.apple.,com.jamf.,com.jamfsoftware.</string>
    <key>browser_sso_interaction_enabled</key>
    <integer>1</integer>
    <key>disable_explicit_app_prompt</key>
    <integer>0</integer>
    <!-- Managed App Config for Intune -->
    <key>IntuneMAMUPN</key>
    <string>$EMAIL</string>
    <!-- Required for Microsoft Enterprise SSO -->
    <key>ExtensionIdentifier</key>
    <string>com.apple.extensiblesso</string>
    <key>TeamIdentifier</key>
    <string>UBF8T346G9</string>
    <key>URLs</key>
    <array>
        <string>https://login.microsoftonline.com</string>
        <string>https://login.windows.net</string>
    </array>
    <!-- App Identifiers for SSO -->
    <key>AppIdentifierAllowList</key>
    <array>
        <string>com.microsoft.Outlook</string>
        <string>com.microsoft.Office.Word</string>
        <string>com.microsoft.Office.Excel</string>
        <string>com.microsoft.Office.Powerpoint</string>
        <string>com.microsoft.teams</string>
        <string>com.microsoft.Authenticator</string>
    </array>
</dict>
</plist>
I have also pushed out some app config for Outlook, but that doesn't seem to help either.
<dict>
    <key>com.microsoft.outlook.EmailProfile.AccountType</key>
    <string>ModernAuth</string>
    <key>com.microsoft.outlook.EmailProfile.EmailAddress</key>
    <string>{{email}}</string>
    <key>com.microsoft.outlook.EmailProfile.ServerHostName</key>
    <string>outlook.office365.com</string>
    <key>com.microsoft.outlook.EmailProfile.UserName</key>
    <string>{{email}}</string>
</dict>
Has anyone else come across this? Currently I'm being prompted for a password when setting up Outlook, which should happen.
Thanks
Tom
